var express = require('express');
var router = express.Router();
var crypto = require('crypto');
var User = require('../models/user');
var Post = require('../models/post');

function checkNotLogin(req, res, next) {
    if (req.session.user) {
        req.flash('message', '已登录');
        res.redirect('/');
    }
    next();
}

function decodePassword(req) {
    var md5 = crypto.createHash('md5');
    return md5.update(req.body.password).digest('base64');
}

router
    .route('/')
    .get(function (req, res, next) {
        res.render('index', {
            path: req.path,
            title: '首页'
        });
    });

router
    .route('/reg')
    .all(checkNotLogin)
    .get(function (req, res, next) {
        res.render('reg', {
                path: req.path,
                title: '用户注册'
            }
        );
    })
    .post(function (req, res, next) {
        if (req.body.password != req.body['password-repeat']) {
            req.flash('message', '两次输入的口令不一致');
            res.redirect("/reg");
        }

        var newUser = new User({
            name: req.body.username,
            password: decodePassword(req)
        });

        newUser.get(function (err, user) {
            if (user) {
                req.flash('message', '用户名已存在');
                res.redirect('/reg');
            }

            newUser.save(function (err) {
                if (err) {
                    req.flash('message', err);
                    res.redirect('/reg');
                }
                req.session.user = newUser;
                req.flash('message', '注册成功');
                res.redirect('/');
            });
        });
    });

router
    .route('/login')
    .all(checkNotLogin)
    .get(function (req, res, next) {
        res.render("login", {
            path: req.path,
            title: '用户登录'
        });
    })
    .post(function (req, res, next) {
        var newUser = new User(req.body.unseranme);
        newUser.get(req.body.username, function (err, user) {
            if (!user) {
                req.flash('message', '用户不存在');
                res.redirect('/login');
            }
            if (user.password != decodePassword(req)) {
                req.flash('message', '用户口令错误');
                res.redirect('/login');
            }
            req.session.user = user;
            req.flash('message', '登录成功');
            res.redirect('/');
        });
    });

router
    .route('/logout')
    .all(function (req, res, next) {
        if (!req.session.user) {
            req.flash('message', '未登录');
            res.redirect('login');
        }
        next();
    })
    .get(function (req, res, next) {
        req.session.user = null;
        req.flash('message', '退出成功');
        res.redirect('/');
    });

router
    .route('/post')
    .all(checkNotLogin)
    .post(function (req, res, next) {
        var user = req.session.user;
        var post = new Post(user.name, req.body.post);
        post.save(function (err) {
            if (err) {
                req.flash('message', err);
                res.redirect('/');
            }
            req.flash('message', '发表成功');
            res.redirect('/users/' + user.name);
        });
    });

module.exports = router;